/*
 * Store Windows ACLs in a tdb.
 *
 * Copyright (C) Volker Lendecke, 2008
 * Copyright (C) Jeremy Allison, 2008
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, see <http://www.gnu.org/licenses/>.
 */

/* NOTE: This is an experimental module, not yet finished. JRA. */

#include "includes.h"
#include "librpc/gen_ndr/xattr.h"
#include "librpc/gen_ndr/ndr_xattr.h"
#include "../lib/crypto/crypto.h"

#undef DBGC_CLASS
#define DBGC_CLASS DBGC_VFS

#include "modules/vfs_acl_common.c"

static unsigned int ref_count;
static struct db_context *acl_db;

/*******************************************************************
 Open acl_db if not already open, increment ref count.
*******************************************************************/

static bool acl_tdb_init(struct db_context **pp_db)
{
	char *dbname;

	if (acl_db) {
		*pp_db = acl_db;
		ref_count++;
		return true;
	}

	dbname = state_path("file_ntacls.tdb");

	if (dbname == NULL) {
		errno = ENOSYS;
		return false;
	}

	become_root();
	*pp_db = db_open(NULL, dbname, 0, TDB_DEFAULT, O_RDWR|O_CREAT, 0600);
	unbecome_root();

	if (*pp_db == NULL) {
#if defined(ENOTSUP)
		errno = ENOTSUP;
#else
		errno = ENOSYS;
#endif
		TALLOC_FREE(dbname);
		return false;
	}

	ref_count++;
	TALLOC_FREE(dbname);
	return true;
}

/*******************************************************************
 Lower ref count and close acl_db if zero.
*******************************************************************/

static void free_acl_tdb_data(void **pptr)
{
	struct db_context **pp_db = (struct db_context **)pptr;

	ref_count--;
	if (ref_count == 0) {
		TALLOC_FREE(*pp_db);
		acl_db = NULL;
	}
}

/*******************************************************************
 Fetch_lock the tdb acl record for a file
*******************************************************************/

static struct db_record *acl_tdb_lock(TALLOC_CTX *mem_ctx,
					struct db_context *db,
					const struct file_id *id)
{
	uint8 id_buf[16];

	/* For backwards compatibility only store the dev/inode. */
	push_file_id_16((char *)id_buf, id);
	return db->fetch_locked(db,
				mem_ctx,
				make_tdb_data(id_buf,
					sizeof(id_buf)));
}

/*******************************************************************
 Delete the tdb acl record for a file
*******************************************************************/

static NTSTATUS acl_tdb_delete(vfs_handle_struct *handle,
				struct db_context *db,
				SMB_STRUCT_STAT *psbuf)
{
	NTSTATUS status;
	struct file_id id = vfs_file_id_from_sbuf(handle->conn, psbuf);
	struct db_record *rec = acl_tdb_lock(talloc_tos(), db, &id);

	/*
	 * If rec == NULL there's not much we can do about it
	 */

	if (rec == NULL) {
		DEBUG(10,("acl_tdb_delete: rec == NULL\n"));
		TALLOC_FREE(rec);
		return NT_STATUS_OK;
	}

	status = rec->delete_rec(rec);
	TALLOC_FREE(rec);
	return status;
}

/*******************************************************************
 Pull a security descriptor into a DATA_BLOB from a tdb store.
*******************************************************************/

static NTSTATUS get_acl_blob(TALLOC_CTX *ctx,
			vfs_handle_struct *handle,
			files_struct *fsp,
			const char *name,
			DATA_BLOB *pblob)
{
	uint8 id_buf[16];
	TDB_DATA data;
	struct file_id id;
	struct db_context *db;
	int ret = -1;
	SMB_STRUCT_STAT sbuf;

	SMB_VFS_HANDLE_GET_DATA(handle, db, struct db_context,
		return NT_STATUS_INTERNAL_DB_CORRUPTION);

	if (fsp && fsp->fh->fd != -1) {
		ret = SMB_VFS_FSTAT(fsp, &sbuf);
	} else {
		if (fsp && fsp->posix_open) {
			ret = vfs_lstat_smb_fname(handle->conn, name, &sbuf);
		} else {
			ret = vfs_stat_smb_fname(handle->conn, name, &sbuf);
		}
	}

	if (ret == -1) {
		return map_nt_error_from_unix(errno);
	}

	id = vfs_file_id_from_sbuf(handle->conn, &sbuf);

	/* For backwards compatibility only store the dev/inode. */
	push_file_id_16((char *)id_buf, &id);

	if (db->fetch(db,
			ctx,
			make_tdb_data(id_buf, sizeof(id_buf)),
			&data) == -1) {
		return NT_STATUS_INTERNAL_DB_CORRUPTION;
	}

	pblob->data = data.dptr;
	pblob->length = data.dsize;

	DEBUG(10,("get_acl_blob: returned %u bytes from file %s\n",
		(unsigned int)data.dsize, name ));

	if (pblob->length == 0 || pblob->data == NULL) {
		return NT_STATUS_OBJECT_NAME_NOT_FOUND;
	}
	return NT_STATUS_OK;
}

/*******************************************************************
 Store a DATA_BLOB into a tdb record given an fsp pointer.
*******************************************************************/

static NTSTATUS store_acl_blob_fsp(vfs_handle_struct *handle,
				files_struct *fsp,
				DATA_BLOB *pblob)
{
	uint8 id_buf[16];
	struct file_id id;
	TDB_DATA data;
	struct db_context *db;
	struct db_record *rec;
	int ret = -1;

	DEBUG(10,("store_acl_blob_fsp: storing blob length %u on file %s\n",
		  (unsigned int)pblob->length, fsp_str_dbg(fsp)));

	SMB_VFS_HANDLE_GET_DATA(handle, db, struct db_context,
		return NT_STATUS_INTERNAL_DB_CORRUPTION);

	if (fsp->fh->fd != -1) {
		ret = SMB_VFS_FSTAT(fsp, &fsp->fsp_name->st);
	} else {
		if (fsp->posix_open) {
			ret = SMB_VFS_LSTAT(handle->conn, fsp->fsp_name);
		} else {
			ret = SMB_VFS_STAT(handle->conn, fsp->fsp_name);
		}
	}

	if (ret == -1) {
		return map_nt_error_from_unix(errno);
	}

	id = vfs_file_id_from_sbuf(handle->conn, &fsp->fsp_name->st);

	/* For backwards compatibility only store the dev/inode. */
	push_file_id_16((char *)id_buf, &id);
	rec = db->fetch_locked(db, talloc_tos(),
				make_tdb_data(id_buf,
					sizeof(id_buf)));
	if (rec == NULL) {
		DEBUG(0, ("store_acl_blob_fsp_tdb: fetch_lock failed\n"));
		return NT_STATUS_INTERNAL_DB_CORRUPTION;
	}
	data.dptr = pblob->data;
	data.dsize = pblob->length;
	return rec->store(rec, data, 0);
}

/*******************************************************************
 Store a DATA_BLOB into a tdb record given a pathname.
*******************************************************************/

static NTSTATUS store_acl_blob_pathname(vfs_handle_struct *handle,
					const char *fname,
					DATA_BLOB *pblob)
{
	uint8 id_buf[16];
	struct file_id id;
	TDB_DATA data;
	SMB_STRUCT_STAT sbuf;
	struct db_context *db;
	struct db_record *rec;
	int ret = -1;

	DEBUG(10,("store_acl_blob_pathname: storing blob "
			"length %u on file %s\n",
			(unsigned int)pblob->length, fname));

	SMB_VFS_HANDLE_GET_DATA(handle, db, struct db_context,
		return NT_STATUS_INTERNAL_DB_CORRUPTION);

	if (lp_posix_pathnames()) {
		ret = vfs_lstat_smb_fname(handle->conn, fname, &sbuf);
	} else {
		ret = vfs_stat_smb_fname(handle->conn, fname, &sbuf);
	}

	if (ret == -1) {
		return map_nt_error_from_unix(errno);
	}

	id = vfs_file_id_from_sbuf(handle->conn, &sbuf);

	/* For backwards compatibility only store the dev/inode. */
	push_file_id_16((char *)id_buf, &id);

	rec = db->fetch_locked(db, talloc_tos(),
				make_tdb_data(id_buf,
					sizeof(id_buf)));
	if (rec == NULL) {
		DEBUG(0, ("store_acl_blob_pathname_tdb: fetch_lock failed\n"));
		return NT_STATUS_INTERNAL_DB_CORRUPTION;
	}
	data.dptr = pblob->data;
	data.dsize = pblob->length;
	return rec->store(rec, data, 0);
}

/*********************************************************************
 On unlink we need to delete the tdb record (if using tdb).
*********************************************************************/

static int unlink_acl_tdb(vfs_handle_struct *handle,
			  const struct smb_filename *smb_fname)
{
	struct smb_filename *smb_fname_tmp = NULL;
	struct db_context *db;
	NTSTATUS status;
	int ret = -1;

	SMB_VFS_HANDLE_GET_DATA(handle, db, struct db_context, return -1);

	status = copy_smb_filename(talloc_tos(), smb_fname, &smb_fname_tmp);
	if (!NT_STATUS_IS_OK(status)) {
		errno = map_errno_from_nt_status(status);
		goto out;
	}

	if (lp_posix_pathnames()) {
		ret = SMB_VFS_LSTAT(handle->conn, smb_fname_tmp);
	} else {
		ret = SMB_VFS_STAT(handle->conn, smb_fname_tmp);
	}

	if (ret == -1) {
		goto out;
	}

	ret = SMB_VFS_NEXT_UNLINK(handle, smb_fname_tmp);

	if (ret == -1) {
		goto out;
	}

	acl_tdb_delete(handle, db, &smb_fname_tmp->st);
 out:
	return ret;
}

/*********************************************************************
 On rmdir we need to delete the tdb record (if using tdb).
*********************************************************************/

static int rmdir_acl_tdb(vfs_handle_struct *handle, const char *path)
{

	SMB_STRUCT_STAT sbuf;
	struct db_context *db;
	int ret = -1;

	SMB_VFS_HANDLE_GET_DATA(handle, db, struct db_context, return -1);

	if (lp_posix_pathnames()) {
		ret = vfs_lstat_smb_fname(handle->conn, path, &sbuf);
	} else {
		ret = vfs_stat_smb_fname(handle->conn, path, &sbuf);
	}

	if (ret == -1) {
		return -1;
	}

	ret = SMB_VFS_NEXT_RMDIR(handle, path);
	if (ret == -1) {
		return -1;
	}

	acl_tdb_delete(handle, db, &sbuf);
	return 0;
}

/*******************************************************************
 Handle opening the storage tdb if so configured.
*******************************************************************/

static int connect_acl_tdb(struct vfs_handle_struct *handle,
				const char *service,
				const char *user)
{
	struct db_context *db;
	int res;

        res = SMB_VFS_NEXT_CONNECT(handle, service, user);
        if (res < 0) {
                return res;
        }

	if (!acl_tdb_init(&db)) {
		SMB_VFS_NEXT_DISCONNECT(handle);
		return -1;
	}

	SMB_VFS_HANDLE_SET_DATA(handle, db, free_acl_tdb_data,
				struct db_context, return -1);

	return 0;
}

/*********************************************************************
 Remove a Windows ACL - we're setting the underlying POSIX ACL.
*********************************************************************/

static int sys_acl_set_file_tdb(vfs_handle_struct *handle,
                              const char *path,
                              SMB_ACL_TYPE_T type,
                              SMB_ACL_T theacl)
{
	SMB_STRUCT_STAT sbuf;
	struct db_context *db;
	int ret = -1;

	SMB_VFS_HANDLE_GET_DATA(handle, db, struct db_context, return -1);

	if (lp_posix_pathnames()) {
		ret = vfs_lstat_smb_fname(handle->conn, path, &sbuf);
	} else {
		ret = vfs_stat_smb_fname(handle->conn, path, &sbuf);
	}

	if (ret == -1) {
		return -1;
	}

	ret = SMB_VFS_NEXT_SYS_ACL_SET_FILE(handle,
						path,
						type,
						theacl);
	if (ret == -1) {
		return -1;
	}

	acl_tdb_delete(handle, db, &sbuf);
	return 0;
}

/*********************************************************************
 Remove a Windows ACL - we're setting the underlying POSIX ACL.
*********************************************************************/

static int sys_acl_set_fd_tdb(vfs_handle_struct *handle,
                            files_struct *fsp,
                            SMB_ACL_T theacl)
{
	struct db_context *db;
	int ret;

	SMB_VFS_HANDLE_GET_DATA(handle, db, struct db_context, return -1);

	if (fsp->is_directory || fsp->fh->fd == -1) {
		if (fsp->posix_open) {
			ret = SMB_VFS_LSTAT(fsp->conn, fsp->fsp_name);
		} else {
			ret = SMB_VFS_STAT(fsp->conn, fsp->fsp_name);
		}
	} else {
		ret = SMB_VFS_FSTAT(fsp, &fsp->fsp_name->st);
	}
	if (ret == -1) {
		return -1;
	}

	ret = SMB_VFS_NEXT_SYS_ACL_SET_FD(handle,
						fsp,
						theacl);
	if (ret == -1) {
		return -1;
	}

	acl_tdb_delete(handle, db, &fsp->fsp_name->st);
	return 0;
}

static struct vfs_fn_pointers vfs_acl_tdb_fns = {
	.connect_fn = connect_acl_tdb,
	.mkdir = mkdir_acl_common,
	.open = open_acl_common,
	.unlink = unlink_acl_tdb,
	.rmdir = rmdir_acl_tdb,
	.fget_nt_acl = fget_nt_acl_common,
	.get_nt_acl = get_nt_acl_common,
	.fset_nt_acl = fset_nt_acl_common,
	.sys_acl_set_file = sys_acl_set_file_tdb,
	.sys_acl_set_fd = sys_acl_set_fd_tdb
};

NTSTATUS vfs_acl_tdb_init(void)
{
	return smb_register_vfs(SMB_VFS_INTERFACE_VERSION, "acl_tdb",
				&vfs_acl_tdb_fns);
}